<?php
require('config.php');

$message = escape($_POST['message']);
$sender = intval($_POST['sender']);
$receiver = intval($_POST['receiver']);
if($_POST['type'])
	$type=intval($_POST['type']);
else
	$type=1;

mysql_query("INSERT INTO Message (message, sender, receiver, type) VALUES ($message, $sender, $receiver, $type)");

if ($error=mysql_error()){
	echo $error;
}

function escape($values) {
   if(is_array($values)) {
    $values = array_map('escape', $values);
   } else {
    /* Quote if not integer */
    if ( !is_numeric($values) || $values{0} == '0' ) {
     $values = "'" .mysql_real_escape_string($values) . "'";
    }
   }
   return $values;
  }

?>
